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2a)M This action is FINAL. 2b)n This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 . 453 0,G. 213. 
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5) 0 Claim(s) is/are allowed. 
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Application Papers 

9) 0 The specification is objected to by the Examiner. 
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Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1 .121(d). 
1 !)□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 
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DETAILED ACTION 



1 . Claims 1-63 are pending in tliis Office action. 

Response to Arguments 

2. Applicant's arguments filed on August 2, 2004 have been fully considered but 
they are not persuasive for the following reasons. 

Applicant argues that it is unclear why the Examiner is suggesting that these 
limitations lack sufficient antecedent basis; Hillier does not disclose the identification of 
a certificate signing request that is associated with a signed certificate; a prima facie 
case of obviousness has not been established with respect to the claim; and the prior 
art, either individually or in combination, fail to disclose the claimed limitations of 
applicant's independent claims, each of these claims is nonobvious in view of these 
references. 

Examiner respectfully disagrees the entire allegation as argued. 

Applicant's independent claims recite "a method", "a system" and "an article of 
manufacture" rather than "a computer-implemented method", "a computer system" and 
"an article of manufacture readable in a computer medium". These claims do not 
indicate use of hardware on which the software runs to perform the steps recited in the 
body of the claims. Software or program can be stored on a medium and/or executed 
by a computer. In other words the software must be computer-readable. The use of a 
computer is not evident in the claim. MPEP 2106.IV.B.1(a) refers to "computer- 
readable" medium with computer program encoded on it." 
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In response to applicant's argument on page 21 , a prima facie case of 
obviousness is established when the teachings from the prior art itself would appear to 
have suggested the claimed subject matter to a person of ordinary skill in the art. Once 
such a case is established, it is incumbent upon appellant to go fonvard with objective 
evidence of unobviousness. In re Fielder . 471 F.2d 640, 176 USPQ 300 (CCPA 1973). 

Examiner Is entitled to give claim limitations their broadest reasonable 
interpretation in light of the specification. During patent examination, the pending claims 
must be 'given the broadest reasonable interpretation consistent with the specification.' 
Applicant always has the opportunity to amend the claims during prosecussion and 
broad interpretation by the examiner reduces the possibility that the claim, once issued, 
will be interpreted more broadly than is justified. In re Prater, 162 USPQ 541,550-51 
(CCPA 1969). 

In response to applicant's argument that the prior art, either individually or in 
combination, fail to disclose the claimed limitations of applicant's independent claims, 
each of these claims is nonobvious in view of these references, the examiner 
recognizes that obviousness can only be established by combining or modifying the 
teachings of the prior art to produce the claimed invention where there is some 
teaching, suggestion, or motivation to do so found either in the references themselves 
or in the knowledge generally available to one of ordinary skill in the art. See In re Fine, 
837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988) and In re Jones, 958 F.2d 347, 21 
USPQ2d 1941 (Fed. Cir. 1992). In this case, it would have been obvious to a person of 
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ordinary skill in the art at the time of the invention was made to combine the teaching to 
provide the level of security to users; it would have been obvious to a person of ordinary 
skill in the art to combine the teaching of Blakley with Hillier to maintain client enterprise 
resource authorization control at the middle tier server and to enable single client 
authentication with access to multiple enterprise resources each having individual 
authorization mechanisms (column 3, lines 24 - 30; Blakley). 

Hillier's teachings of the security activation module detects (identify) security 
activation of the secure computing device. Such activation may be at the log on at the 
secure communication device, when the secure communication device logs (signing) on 
to a security application (i.e., at activation of the security application), or when the 
security application is re-authenticated. As such, the detection of security activation is 
done rather infrequently in comparison to the times that software applications are 
accessed by the secure communication device and even more infrequently in 
comparison to the times that data created by the applications is secured. Having 
detected security activation, the security activation module provides a signal to the 
security parameter module, which obtains relevant security infomiation clearly shows 
applicants identification of a certificate signing request (see column 2, lines 36 - column 
4, line 27). 

For the above reasons. Examiner believed that the rejection of the last Office 
action was proper. 
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Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
fonii the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

Claims 1 - 5, 7, 36 - 40 and 42 are rejected under 35 U.S.C. 102(b) as being 
anticipated by U.S. Patent Number 6,055.636 issued to Stephen Hillier et al. ("Hillier"). 

With respect to claim 1, Hillier teaches a computer implemented method 
comprising: reading distinguished name data from a signed certificate received from a 
certificate authority (column 5, lines 45 - 50); and 

searching a data structure to identify a certificate-signing request associated with 
the signed certificate (column 3, lines 29 - 31). the identified certificate-signing request 
corresponding to the read distinguished name data (column 2. lines 38 - 39 and 49 - 
54). 

As to claim 2. identifying a key pair associated with the signed certificate (column 
2. lines 49 - 54). 

As to claim 3, the read distinguished name data comprising all of the 
distinguished name data contained in the signed certificate (column 5, lines 18 - 22). 

As to claim 4, the identified certificate-signing request corresponding to a portion 
of the read distinguished name data (column 5, lines 18 - 22). 

As to claim 5. importing the signed certificate to a server associated with the 
identified certificate-signing request (column 3. lines 29 - 31 ). 
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As to claim 7, identifying at least two certificate signing requests associated with 
the signed certificate (column 3, lines 29 - 45). 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which fomris the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

This application currently names joint inventors. In considering patentability of 

the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of 

the various claims was commonly owned at the time any inventions covered therein 

were made absent any evidence to the contrary. Applicant is advised of the obligation 

under 37 CFR 1 .56 to point out the Inventor and invention dates of each claim that was 

not commonly owned at the time a later invention was made in order for the examiner to 

consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) 

prior art under 35 U.S.C. 103(a). 

5. Claims 6 and 41 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Hillier and in view of "How To: Enable SSL for All Customers Who Interact with Your 
Web Site." 

As to claim 6, Hillier teaches the secure communication device includes a 
security activation module, an application programmatic interface (see column 3, lines 4 
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- 14). Hillier does not explicitly teach the signed certificate is imported to a device that 
performs SSL processing on behalf of the server as claimed. 

"HOW TO: Enable SSL" discloses claimed signed certificate is imported to a 
device that performs SSL processing on behalf of the server (To enable ssl server 
certificate verification, and to provide the level of security that your customers desire, you should obtain a 
certificate from a third-party CA. Certificates that are issued to your organization by a third-party CA are 
typically tied to the Web server, and more specifically to the Web site to which you to bind SSL. You can 
create your own certificate with the Internet Infonnnation Services (IIS) server, but if you do so, your clients 
must implicitly trust you as the certificate authority). 

It would have been obvious to a person of ordinary skill in the art at the time of 
the invention to combine "HOW TO: Enable SSL" with Hillier to provide the level of 
security to users. 

Claims 36 - 42 are essentially the same as claims 1 - 7 except that it set forth 
the claimed invention as an article of manufacture rather than a method and rejected for 
the same reasons as applied hereinabove. 

6. Claims 8 - 1 1 , 14 - 18. 19 - 28. 29 - 35, 43 - 46. 49 - 53 and 54 - 63 are 
rejected under 35 U.S.C. 103(a) as being unpatentable over Hillier and further in view of 
U.S. Patent Number 6,067.623 issued to George Blakley et al. ("Blakley"). 

With respect to claim 8. Hillier teaches distinguished name data for each of a 
plurality of certificate signing requests (column 5, lines 45 - 50); extracting distinguished 
name data from a signed certificate received from a certificate authority (column 3, lines 
29 - 33): and comparing the extracted distinguished name data to identify a certificate 
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signing request associated with the signed certificate from the plurality of certificate 
signing requests (column 2. lines 38 - 39, 49 - 54 and column 5, lines 1 - 9). 

Hlllier does not explicitly teach providing a mapping table as claimed. 

Blakley teaches claimed mapping table (see column 4, lines 18-49 and column 
5, lines 7 -16). 

It would have been obvious to a person of ordinary skill in the art at the time of 
the invention to combine Blakley with Hillierto maintain client enterprise resource 
authorization control at the middle tier server. It would have been obvious to enable 
single client authentication with access to multiple enterprise resources each having 
individual authorization mechanisms (column 3, lines 24 - 30; Blakley). 

As to claim 9, at least a common name for each of the plurality of certificate 
signing requests (column 3, lines 29 - 33; Hillier) . 

As to claim 10, the extracted distinguished name data comprising all of the 
distinguished name data contained in the signed certificate (column 5, lines 18-22). 

As to claim 11, the extracted distinguished name data comprising a common 
name (column 5, lines 18 - 22). 

As to claim 14, comparing the extracted distinguished name data with the 
mapping table data to identify at least two certificate signing requests from the plurality 
of certificate signing requests (column 2, lines 38 - 39, 49 - 54 and column 5, lines 1 - 
9); and determining which of the at least two certificate signing requests is associated 
with the signed certificate (column 3, lines 29 - 45). 
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As to claim 15, perfomning a second search of the mapping table data to 
detemilne which of the at least two certificate signing requests is associated with the 
signed certificate (column 3, lines 29 - 45). 

As to claim 16, importing the signed certificate to a server associated with the 
identified certificate signing request (column 3. lines 29 - 33). 

As to claim 18, identifying at least two certificate signing requests associated with 
the signed certificate (column 3, lines 29 - 45). 

With respect to claim 19, Hillier teaches generating a certificate signing request, 
the certificate signing request including distinguished name data (column 5, lines 45 - 
50); 

transmitting the certificate signing request to a certificate authority (column 1 , 
lines 64 - 65); 

receiving a signed certificate from the certificate authority, the signed certificate 
including distinguished name data (column 1 , lines 58 - 60); 

extracting the distinguished name data from the signed certificate (column 2, 
lines 45 - 47 and column 3, lines 29 - 33); and comparing the extracted distinguished 
name data with the stored distinguished name data contained in the mapping table to 
identify the certificate signing request (column 2, lines 38 - 39, 49 - 54 and column 5, 
lines 1 - 9). 

Hillier does not explicitly teach providing a mapping table as claimed. 
Blakley teaches claimed mapping table (see column 4, lines 18-49 and column 
5, lines 7- 16). 
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It would have been obvious to a person of ordinary skill in the art at the time of 
the invention to combine Blakley with Hillier to maintain client enterprise resource 
authorization control at the middle tier server. It would have been obvious to enable 
single client authentication with access to multiple enterprise resources each having 
individual authorization mechanisms (column 3, lines 24 - 30; Blakley). 

Claim 17 is rejected under 35 U.S.C. 103(a) as being unpatentable over Hillier 
and Blakley and further in view of "How To: Enable SSL for All Customers Who Interact 
with Your Web Site." ("How To: Enable SSL"). 

As to claim 17, Hillier teaches the secure communication device includes a 
security activation module, ... an application programmatic interface (see column 3, 
lines 4-14). Hillier and Blakley do not explicitly teach the signed certificate is imported 
to a device that performs SSL processing on behalf of the server as claimed. 

"HOW TO: Enable SSL" discloses claimed signed certificate is imported to a 
device that performs SSL processing on behalf of the server (To enable SSL sen/er 

certificate verification, and to provide the level of security that your customers desire, you should obtain a 
certificate from a third-party CA. Certificates that are issued to your organization by a third-party CA are 
typically tied to the Web server, and more specifically to the Web site to which you to bind SSL. You can 
create your own certificate with the Internet Infomnation Services (IIS) server, but if you do so. your clients 
must implicitly trust you as the certificate authority). 

It v^^ould have been obvious to a person of ordinary skill in the art at the time of 

the invention to combine "HOW TO: Enable SSL" with Hillier to provide the level of 

security to users. 
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The subject matter of claims 20 - 28 are rejected in the analysis above in claims 
8-11,14-19 and these claims are rejected on that basis. 

Claims 29 - 35 are essentially the same as claims 8-11,14-18 and 19 except 
that it sets forth the claimed invention as a system rather than a method and rejected for 
the same reasons as applied above. 

Claims 43 - 46 and 49 - 53 are essentially the same as claims 8-11 and 14 - 
18 except that it sets forth the claimed invention as an article of manufacture rather than 
a method and rejected for the same reasons as applied above. 

Claims 54 - 63 are essentially the same as claims 8-11,14-18 and 19 except 
that it sets forth the claimed invention as an article of manufacture rather than a method 
and rejected for the same reasons as applied above. 

Allowable Subject Matter 

7. Claims 1 2, 13, 47 and 48 are objected to as being dependent upon a rejected 
base claim, but would be allowable if rewritten in independent fonm including all of the 
limitations of the base claim and any intervening claims. 
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Conclusion 

8. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth In 37 CFR 1 . 1 36(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 
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Contact Information 



9. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Shahid Al Alam whose telephone number is (571 ) 272- 
4030. The examiner can normally be reached on IVIonday-Thursday 8:00 A.M.- 4:00 
P.IVI.. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, John E Breene can be reached on (571) 272-4107. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status infomnation for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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